point to point tunnel

Posted on 2008-06-10
Last Modified: 2010-04-12
I have connect a remote office in a different state to the main office. The main office currently has a Sonicwall TZ170 for it's firewall. The remote office doesn't have anything yet. What would be the best solution for this? I would like for the remote site to work of the main office servers just like it's in the same building. Would the best solution be for  purchasing a T1 line tunnel from A to B or would any internet work and just use the hardware? I've never set up one before so any help including white pages would be appreciated.
Question by:cnmgt
  • 2
LVL 28

Expert Comment

ID: 21758195
There are several approaches you can take to this.  One would be a dedicated T1 from site to site. This is fairly effective and costs are "reasonable"  If you don't have huge data needs you could look into using local DSL or Cable connectivity to get to the Internet and establish a VPN.  The downside to this is dealing with local phone or cable companies. Depending on your internal set up you might be able to run a T1 connection without having to have a VPN in place as it's a dedicated line. You don't have to use hardware-based VPN connectivity as Windows and Mac have it built-in, but I find that using Cisco hardware devices at each end makes for an always on VPN connection that in effect puts your remote office on your local office and is very stable.

If you have bigger data needs you might also look into a multi-MB WAN connection if your provider can supply one.  We use such a connection from TWTC between sites and it works very well.  You might also look into the WAN connection instead of the T1 just in terms of pricing.  Sometimes these newer connections are less expensive than the older T1 technology.

We have 20-30 sites that are remote to our main location and we have used both the WAN connection (replaced T1) and DSL/Cable connections.  We use WAN for larger sites and DSL/Cable for smaller ones.  WAN connections come right into switches at our site and run as a separate IP segment...this is a direct connect for us and no VPN's an extension of our primary network.  All smaller sites use the cisco hardware to hardware VPN setup and unless the phone/cable company has an issue it works really well.

Author Comment

ID: 21758986
Do know of any links for a detail WAN setup? Our problem is the Cali office connects to the main office in Colorado using a web interface. We have a Sonicwall SSL device. Once they establish the connection then the click the link for the terminal server. It runs slow and they are kicked off constantly. I think it might be running slow because the company uses a NAS device using sata drives for file sharing. I don't think NAS is designed for constant network use.
LVL 28

Accepted Solution

jhyiesla earned 500 total points
ID: 21759059
Not really. It depends on what your end points look like in terms of terminating equipment and what features your Provider offers. Your provider should be able to advise you on what you need to complete the connection based on your network topology.  For example, we use WAN links for both Internet access for our entire company and for connection of our larger sites to our main network. The lines from the Vendors perspective are different because of what we are trying to accomplish with each. They both terminate at our facility through our edge router to a Cisco switch. However, the Internet connection goes directly to our firewall and then on to the network and the other link goes to a BGP router and then on to our main switch.

If you decide to go with the high speed WAN link, make sure your provider works with you and understands your topology completely and gives you help in configuring your endpoint equipment. We didn't do as good a job as we should have with this and ended up doing a lot of work after the fact which delayed the bring up of the links and extended the initial troubleshooting that we had to do.

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

For a while, I have wanted to connect my HTC Incredible to my corporate network to take advantage of the phone's powerful capabilities. I searched online and came up with varied answers from "it won't work" to super complicated statements that I did…
OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question